» the+structure+of+modern+english_+a_10924_i51602098_il345.exe
Overview
Analysis
File Details

the+structure+of+modern+english_+a_10924_i51602098_il345.exe

Runner Utility

LLC Arctic West

The executable the+structure+of+modern+english_+a_10924_i51602098_il345.exe has been detected as malware by 1 anti-virus scanner.

File name:

Publisher:

Dummy, Ltd. (signed by LLC Arctic West)

Product:

Runner Utility

Version:

1.0.0.151

MD5:

7ca9925cdc74f9cfe6395532ceec524b

SHA-1:

d926992fa056d3577abfec277d5de645b789ffbd

SHA-256:

88863f278f7eefbe1688f9139bf6ba7b5ed84a65fa8c39852ef7eee991682b0c

Scanner detections:

1 / 68

Status:

Malware

Analysis date:

11/15/2024 4:37:07 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP (M)

16.10.28.15

File size:

1.8 MB (1,873,920 bytes)

Product version:

1.0.0.151

Original file name:

runner.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\the+structure+of+modern+english_+a_10924_i51602098_il345.exe

Digital Signature

Signed by:

LLC Arctic West

Authority:

COMODO CA Limited

Valid from:

8/24/2015 5:00:00 PM

Valid to:

8/24/2016 4:59:59 PM

Subject:

CN=LLC Arctic West, O=LLC Arctic West, STREET=Lviv highway 1, L=Mikolaiv, S=Lvovskaja, PostalCode=81600, C=UA

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

416057CF015B4832DC973BA203AAB312

File PE Metadata

Compilation timestamp:

8/29/2015 1:29:53 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

CTPH (ssdeep):

49152:SsFugIq+KoUqRj5Wvt49MosxIT9C1ptNSQY53fz:PuPKoUZvt49MoB9CLaXtr

Entry address:

0x3BC9D6

Entry point:

68, B8, 79, CF, 94, E8, A3, 29, E5, FF, 68, B0, C1, D2, 94, E8, 99, 29, E5, FF, 2B, C7, F8, 2B, F7, 0F, B7, F8, 8B, FA, F5, 66, 81, F9, E7, 4B, F9, C1, EF, 05, F8, 2B, D7, F8, F9, 66, 89, 94, 59, B0, 01, 00, 00, F7, D2, 66, D3, DA, 0F, B7, 94, 59, C8, 01, 00, 00, F9, 3D, 00, 00, 00, 01, 0F, 83, 2F, 00, 00, 00, 8B, 7D, FC, 0F, B6, 3F, F5, F9, C1, E6, 08, F9, 85, D5, C1, E0, 08, 81, FD, C4, 06, 91, 02, 0B, F7, 87, FF, 0F, B7, FB, FF, 45, FC, 66, 0F, AC, CF, E7, 66, 0F, BA, F7, 96, 66, C1, DF, DE, 8B, F8, F5... 
[+]

Entropy:

7.9873 (probably packed)

Code size:

1.8 MB (1,862,656 bytes)

Remove the+structure+of+modern+english_+a_10924_i51602098_il345.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.